SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 09 Jun 2012 03:43 PM |
Ok, so I've been improving my GUI-Based Script Builder place recently and...
z0gm
People kill, delete and offend other users through their scripts.
How can I stop users from...
Changing the parent property of characters and players Killing humanoids Etc.
Basically, how'd I stop users from interfering with each over in my game? I'd like to keep it multiplayer...but stop users from ruining each over's time.
Uh...would I have to do a string checker thing ? ? ?
or is there an easier way ? ? ? |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 09 Jun 2012 03:56 PM |
Ugm
y u no halp
nxt
Some1
waaaa :( |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
| |
|
|
| 09 Jun 2012 04:27 PM |
Do a search of their code for Character reparenting. And do a search to check and make sure that any name from Players can be accessed. And for humanoids, maybe have a while wait() do statement to keep the health 100 at all times?
--Swordmasternoah ლ(ಠ_ಠლ) |
|
|
| Report Abuse |
|
|
| |
|
|
| 09 Jun 2012 04:32 PM |
It's kinda impossible. But i'll give it a shot.
if string.find(Code,"Parent") then for i=1,#game.Players:GetChildren() do local Characters = #game.Players[i].Name if string.sub(Code,string.find(Code,"Parent),Characters) then --Don't run code end end end
I think that will look through the stuff, if it finds a "Parent" word in there, then it will search for any players names after it.
--Swordmasternoah ლ(ಠ_ಠლ) |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 09 Jun 2012 04:36 PM |
But people could find ways around that,
Examples:
p = game.Players.SN0X p:Destroy()
...
game.Players.SN0X.PlayerGui.Parent:Destroy() |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 09 Jun 2012 04:39 PM |
Humanoids and character deletions/kills are less of a problem;
1) You can rename and hide the humanoid. 2) You can still use the GUI with the character deleted. |
|
|
| Report Abuse |
|
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 09 Jun 2012 05:21 PM |
Rather than analysing the source code, you need to run it in a protected environment. This is Hard™. You'll need metatables, setfenv, and getfenv.
I'll give you more help tomorrow. GMT says no today. |
|
|
| Report Abuse |
|
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 04:39 AM |
| This is a hard enough problem that you get a (incomplete) wiki article: http://wiki.roblox.com/index.php/Sandboxing |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 10 Jun 2012 05:14 AM |
Roblox did a good job at sandboxing.
I wonder how well a little kiddie can do...
-_-
Looks complicated.
Thanks NXT. |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 10 Jun 2012 05:18 AM |
Oh it doesn't look that complicated...
I bet I'll run into a problem though...
And players might find ways around it.
But it'll prevent n00bs from loopkilling everyone/keeping servers to themselves and their GFs or whatever dumb things people do these days. |
|
|
| Report Abuse |
|
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 05:38 AM |
| Note that that article is nowhere near complete. There are more clever things that need to be done yet. |
|
|
| Report Abuse |
|
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 06:10 AM |
| Have another look: Things are getting more complicated. |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
| |
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 10 Jun 2012 06:31 AM |
Woah that's complicated.
I will be so happeh if I succeed in doing this. |
|
|
| Report Abuse |
|
|
oxcool1
|
  |
| Joined: 05 Nov 2009 |
| Total Posts: 15444 |
|
| |
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 10 Jun 2012 06:38 AM |
Not to make things even MORE complicated, but...
Is there a way to stop players from creating instances in a certain object, like to stop people creating fire in workspace.Base, explosion in workspace.SN0X and stuff?
Or was that already explained?
(My appologies if it was... it's kinda hard to understand this.) |
|
|
| Report Abuse |
|
|
SN0X
|
  |
| Joined: 24 Oct 2011 |
| Total Posts: 7277 |
|
|
| 10 Jun 2012 06:42 AM |
@Oxcool, That's the main thing I'm trying to do.
Did you create your own sandbox or look for matches like NXT's example of "if codetoexecute:match("game\.Players\.%w+:Destroy()") then"? |
|
|
| Report Abuse |
|
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 07:26 AM |
> Is there a way to stop players from creating instances in a certain object, like to stop people creating fire in workspace.Base, explosion in workspace.SN0X and stuff?
Absolutely. That's what I'm working on. To do that, you need to be able to intercept _EVERY SINGLE MEMBER ACCESS_ on instances, and decide whether to allow it. The code you saw that I'm working on is currently focussing on that first part. There are a lot of things to intercept.
Essentially, you wrap `game` in your custom object: * When someone does `game.Players`. you wrap the result in your custom object. * If they do `game.Players:GetPlayers()`, each return value needs to get wrapped in your custom object. * Another corner case is `game.Players.PlayerAdded:connect(function(p) ... end)`: the argument `p` needs to be wrapped in your custom object.
Once you've ensured _everything_ is wrapped, your custom object can then implement whatever access rules you choose. It can ignore attempts to set the `Parent` of `Fire` to `workspace.Base`, for instance.
You've also got to be careful of things like `workspace.Part.Destroy(game.Players.SomePlayer)`. |
|
|
| Report Abuse |
|
|
oxcool1
|
  |
| Joined: 05 Nov 2009 |
| Total Posts: 15444 |
|
| |
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 07:46 AM |
@oxcool: Does it cope with corner cases like:
-- return two values local pos, part = workspace:FindPartOnRay(...)
part.Destroy(game.Players) |
|
|
| Report Abuse |
|
|
oxcool1
|
  |
| Joined: 05 Nov 2009 |
| Total Posts: 15444 |
|
| |
|
NXTBoy
|
  |
| Joined: 25 Aug 2008 |
| Total Posts: 4533 |
|
|
| 10 Jun 2012 08:11 AM |
I knew what I meant :P.
What if I do this in the code:
game = getfenv(2).game
You might want to prohibit access to getfenv. |
|
|
| Report Abuse |
|
|
oxcool1
|
  |
| Joined: 05 Nov 2009 |
| Total Posts: 15444 |
|
| |
|